An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:08
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:git:git:2.21.0:*:*:*:*:*:*:* cpe:2.3:a:git:git:*:*:*:*:*:*:*:* cpe:2.3:a:git:git:2.23.0:*:*:*:*:*:*:* |
cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:* cpe:2.3:a:git-scm:git:2.23.0:*:*:*:*:*:*:* cpe:2.3:a:git-scm:git:2.24.0:*:*:*:*:*:*:* cpe:2.3:a:git-scm:git:2.21.0:*:*:*:*:*:*:* |
References |
|
|
First Time |
Git-scm
Git-scm git |
Information
Published : 2019-12-18 21:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-1387
Mitre link : CVE-2019-1387
CVE.ORG link : CVE-2019-1387
JSON object : View
Products Affected
git-scm
- git
CWE