Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-1352

Опубликовано: 10 дек. 2019
Источник: redhat
CVSS3: 7.5

Описание

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.

Отчет

Even if the code in the versions of git as shipped with Red Hat Enterprise Linux 8 and Red Hat Software Collections 3 is affected by this flaw, Red Hat does not support the NTFS filesystem. For this reason, the flaw has a Low Impact.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6gitNot affected
Red Hat Enterprise Linux 7gitNot affected
Red Hat Enterprise Linux 8gitFixedRHSA-2019:435619.12.2019
Red Hat Enterprise Linux 8.0 Update Services for SAP SolutionsgitFixedRHSA-2020:022827.01.2020
Red Hat Software Collections for Red Hat Enterprise Linux 7rh-git218-gitFixedRHSA-2020:000202.01.2020
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUSrh-git218-gitFixedRHSA-2020:000202.01.2020
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUSrh-git218-gitFixedRHSA-2020:000202.01.2020
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUSrh-git218-gitFixedRHSA-2020:000202.01.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-73
https://bugzilla.redhat.com/show_bug.cgi?id=1781963git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-1352

CVSS3: 8.8
ubuntu
больше 5 лет назад

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.

nvd логотип

CVE-2019-1352

CVSS3: 8.8
nvd
больше 5 лет назад

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.

msrc логотип

CVE-2019-1352

msrc
почти 6 лет назад

Git for Visual Studio Remote Code Execution Vulnerability

debian логотип

CVE-2019-1352

CVSS3: 8.8
debian
больше 5 лет назад

A remote code execution vulnerability exists when Git for Visual Studi ...

github логотип

GHSA-74fq-3g57-65f7

github
больше 3 лет назад

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.

7.5 High

CVSS3