← Voltar para CVEs

CVE-2019-1353

CRITICAL

9.8

Descricao

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.

Detalhes CVE

Pontuacao CVSS v3.19.8

SeveridadeCRITICAL

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado1/24/2020

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

git-scm:gitopensuse:leap

Referencias

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html(secure@microsoft.com)

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html(secure@microsoft.com)

https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u(secure@microsoft.com)

https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/(secure@microsoft.com)

https://security.gentoo.org/glsa/202003-30(secure@microsoft.com)

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html(af854a3a-2127-422b-91ae-364da2661108)

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html(af854a3a-2127-422b-91ae-364da2661108)

https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u(af854a3a-2127-422b-91ae-364da2661108)

https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/(af854a3a-2127-422b-91ae-364da2661108)

https://security.gentoo.org/glsa/202003-30(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.