CVE-2019-1348
24.01.2020, 22:15
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.Enginsight
| Vendor | Product | Version |
|---|---|---|
| git-scm | git | 2.14.0 ≤ 𝑥 < 2.14.6 |
| git-scm | git | 2.15.0 ≤ 𝑥 < 2.15.4 |
| git-scm | git | 2.16.0 ≤ 𝑥 < 2.16.6 |
| git-scm | git | 2.17.0 ≤ 𝑥 < 2.17.3 |
| git-scm | git | 2.18.0 ≤ 𝑥 < 2.18.2 |
| git-scm | git | 2.19.0 ≤ 𝑥 < 2.19.3 |
| git-scm | git | 2.20.0 ≤ 𝑥 < 2.20.2 |
| git-scm | git | 2.21.0 ≤ 𝑥 < 2.21.1 |
| git-scm | git | 2.22.0 ≤ 𝑥 < 2.22.2 |
| git-scm | git | 2.23.0 ≤ 𝑥 < 2.23.1 |
| git-scm | git | 2.24.0 ≤ 𝑥 < 2.24.1 |
| opensuse | leap | 15.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References