CVE-2019-1348

Summary

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The –export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=… and it allows overwriting arbitrary paths.

Affected Software

VendorProductVersion RangeStatus
Microsoft CorporationGitBefore 2.24.1, 2.23.1, 2.22.2, 2.21.1, 2.20.2, 2.19.3, 2.18.2, 2.17.3, 2.16.6, 2.15.4, 2.14.6affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References