Lucene search
Redhat.comRH:CVE-2019-1387HistoryApr 09, 2020 - 7:30 a.m.
CVE-2019-1387
2020-04-0907:30:43
redhat.com
access.redhat.com
8
0.087 Low
EPSS
Percentile
94.6%
A flaw was discovered where git improperly validates submodules’ names used to construct git metadata paths and does not prevent them from being nested in existing directories used to store another submodule’s metadata. A remote attacker could abuse this flaw to trick a victim user into cloning a malicious repository containing submodules, which, when recursively cloned, would trigger the flaw and remotely execute code on the victim’s machine.
Mitigation
Avoid running git clone --recurse-submodules and git submodule update with untrusted repositories.
Related
alpinelinux
alpinelinux
cve
cve
osv
osv
CVE-2019-1387
2019-12-18 21:15:13
CVE-2019-1350
2020-01-24 21:15:12
git - security update
2019-12-10 00:00:00
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : git Vulnerability (NS-SA-2020-0014)
2020-04-21 00:00:00
Scientific Linux Security Update : git on SL7.x x86_64 (20200116)
2020-01-17 00:00:00
EulerOS 2.0 SP3 : git (EulerOS-SA-2020-1386)
2020-04-15 00:00:00
nvd
nvd
debiancve
debiancve
mscve
mscve
Git for Visual Studio Remote Code Execution Vulnerability
2019-12-10 08:00:00
openvas
openvas
CentOS Update for emacs-git CESA-2020:0124 centos7
2020-01-19 00:00:00
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1386)
2020-04-16 00:00:00
Mageia: Security Advisory (MGASA-2019-0391)
2022-01-28 00:00:00
symantec
symantec
centos
centos
emacs, git, gitk, gitweb, perl security update
2020-01-18 14:51:34
ubuntucve
ubuntucve
veracode
veracode
Remote Code Execution (RCE)
2019-12-20 00:15:19
prion
prion
Remote code execution
2019-12-18 21:15:00
Remote code execution
2020-01-24 21:15:00
Remote code execution
2020-01-24 21:15:00
oraclelinux
oraclelinux
git security update
2020-01-16 00:00:00
git security update
2019-12-19 00:00:00
cvelist
cvelist
redhat
redhat
(RHSA-2020:0124) Important: git security update
2020-01-16 10:47:10
(RHSA-2020:0002) Important: rh-git218-git security update
2020-01-02 08:21:54
(RHSA-2019:4356) Important: git security update
2019-12-19 18:18:24
mageia
mageia
Updated libgit2 packages fix security vulnerabilities
2019-12-15 21:03:05
Updated git packages fix security vulnerabilities
2019-12-15 21:03:05
gentoo
gentoo
libgit2: Multiple vulnerabilities
2020-03-19 00:00:00
Git: Multiple vulnerabilities
2020-03-15 00:00:00
archlinux
archlinux
[ASA-201912-5] libgit2: arbitrary code execution
2019-12-18 00:00:00
[ASA-201912-6] git: arbitrary code execution
2019-12-18 00:00:00
debian
debian
[SECURITY] [DLA 2059-1] git security update
2020-01-23 14:27:34
[SECURITY] [DSA 4581-1] git security update
2019-12-10 19:56:55
[SECURITY] [DSA 4581-1] git security update
2019-12-10 19:56:55
redhatcve
redhatcve
kaspersky
kaspersky
KLA11618 Multiple vulnerabilities in Microsoft Developer Tools
2019-12-10 00:00:00
qualysblog
qualysblog
fedora
fedora
[SECURITY] Fedora 31 Update: libgit2-0.28.4-1.fc31
2019-12-17 01:46:03
[SECURITY] Fedora 30 Update: git-2.21.1-1.fc30
2020-01-04 22:16:13
[SECURITY] Fedora 31 Update: git-2.24.1-1.fc31
2019-12-18 01:56:26
amazon
amazon
ubuntu
ubuntu
Git vulnerabilities
2019-12-10 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package git version 2.24.1-alt1
2019-12-12 00:00:00
Security fix for the ALT Linux 10 package git version 2.24.1-alt1
2019-12-08 00:00:00
cloudfoundry
cloudfoundry
USN-4220-1: Git vulnerabilities | Cloud Foundry
2019-12-18 00:00:00
suse
suse
Security update for git (important)
2020-01-29 00:00:00
Security update for git (moderate)
2020-05-02 00:00:00
threatpost
threatpost
Microsoft Zaps Actively Exploited Zero-Day Bug
2019-12-10 21:21:24