vulnerability

Ubuntu: USN-4220-1 (CVE-2019-1348): Git vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:N/C:N/I:P/A:P)

Published

Dec 10, 2019

Added

Dec 11, 2019

Modified

Mar 27, 2026

Description

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.

Solution

ubuntu-upgrade-git

References

CVE-2019-1348
https://attackerkb.com/topics/CVE-2019-1348
EUVD-EUVD-2019-9906
NVD-CVE-2019-1348
UBUNTU-USN-4220-1
https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-9906

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report