← Retour aux CVEs

CVE-2019-1353

CRITICAL

9.8

Description

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie1/24/2020

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

git-scm:gitopensuse:leap

References

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html(secure@microsoft.com)

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html(secure@microsoft.com)

https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u(secure@microsoft.com)

https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/(secure@microsoft.com)

https://security.gentoo.org/glsa/202003-30(secure@microsoft.com)

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html(af854a3a-2127-422b-91ae-364da2661108)

https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u(af854a3a-2127-422b-91ae-364da2661108)

https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/202003-30(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.