vulnerability
SUSE: CVE-2019-19604: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Dec 10, 2019 | Dec 17, 2019 | Oct 22, 2021 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Dec 10, 2019
Added
Dec 17, 2019
Modified
Oct 22, 2021
Description
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository.
Solution(s)
suse-upgrade-gitsuse-upgrade-git-archsuse-upgrade-git-coresuse-upgrade-git-credential-gnome-keyringsuse-upgrade-git-credential-libsecretsuse-upgrade-git-cvssuse-upgrade-git-daemonsuse-upgrade-git-docsuse-upgrade-git-emailsuse-upgrade-git-guisuse-upgrade-git-p4suse-upgrade-git-svnsuse-upgrade-git-websuse-upgrade-gitksuse-upgrade-perl-authen-saslsuse-upgrade-perl-net-smtp-ssl
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.