vulnerability

Ubuntu: USN-6678-1 (CVE-2020-12278): libgit2 vulnerabilities

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Apr 27, 2020
Added
Mar 6, 2024
Modified
Jan 23, 2025

Description

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352.

Solution(s)

ubuntu-pro-upgrade-libgit2-1-1ubuntu-pro-upgrade-libgit2-1-5ubuntu-pro-upgrade-libgit2-24ubuntu-pro-upgrade-libgit2-26ubuntu-pro-upgrade-libgit2-28
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.