vulnerability
SUSE: CVE-2019-1387: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Dec 10, 2019 | Dec 17, 2019 | Feb 4, 2022 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Dec 10, 2019
Added
Dec 17, 2019
Modified
Feb 4, 2022
Description
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.
Solutions
suse-upgrade-gitsuse-upgrade-git-archsuse-upgrade-git-coresuse-upgrade-git-credential-gnome-keyringsuse-upgrade-git-credential-libsecretsuse-upgrade-git-cvssuse-upgrade-git-daemonsuse-upgrade-git-docsuse-upgrade-git-emailsuse-upgrade-git-guisuse-upgrade-git-p4suse-upgrade-git-svnsuse-upgrade-git-websuse-upgrade-gitksuse-upgrade-libgit2-28suse-upgrade-libgit2-develsuse-upgrade-perl-authen-saslsuse-upgrade-perl-net-smtp-ssl
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.