← Volver a CVEs

CVE-2019-1353

CRITICAL

9.8

Descripcion

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.

Detalles CVE

Puntuacion CVSS v3.19.8

SeveridadCRITICAL

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado1/24/2020

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

git-scm:gitopensuse:leap

Referencias

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html(secure@microsoft.com)

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html(secure@microsoft.com)

https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u(secure@microsoft.com)

https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/(secure@microsoft.com)

https://security.gentoo.org/glsa/202003-30(secure@microsoft.com)

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html(af854a3a-2127-422b-91ae-364da2661108)

https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u(af854a3a-2127-422b-91ae-364da2661108)

https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/202003-30(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.