CVE-2019-1348

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-1348
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-1348.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-1348
Downstream
Related
Published
2020-01-24T22:15:19.190Z
Modified
2026-03-13T22:31:01.776922Z
Severity
  • 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.

References

Affected packages

Git / github.com/git/git

Affected ranges

Type
GIT
Repo
https://github.com/git/git
Events
Introduced
4384e3cde2ce8ecd194202e171ae16333d241326
Fixed
66d2a6159f511924e7e0b8a21c93538879bfd622
Introduced
cb5918aa0d50f50e83787f65c2ddc3dcb10159fe
Fixed
7cdafcaacf677b9e0700fa988c247bda192db48d
Introduced
2512f15446149235156528dafbe75930c712b29e
Fixed
eb288bc455ac67e3ceeff90daf6f25972bb586d0
Introduced
468165c1d8a442994a825f3684528361727cd8c0
Fixed
a5ab8d03173458b76b8452efd90a7173f490c132
Introduced
53f9a3e157dbbc901a02ac2c73346d375e24978c
Fixed
9877106b01cbd346b862cc8cd2c52e496dd40ed5
Introduced
1d4361b0f344188ab5eec6dcea01f61a3a3a1670
Fixed
caccc527ca7f4b3e6f4bb6775cbff94b27741482
Introduced
5d826e972970a784bd7a7bdf587512510097b8c7
Fixed
4cd1cf31efed9b16db5035c377bfa222f5272458
Introduced
8104ec994ea3849a968b4667d072fedd1e688642
Fixed
367f12b7e92aef4e8a41fe601d90984a2b7a0381
Introduced
b697d92f56511e804b8ba20ccbe7bdc85dc66810
Fixed
d9589d4051537c387b70dc76e430c61b4c85a86d
Introduced
5fa0f5238b0cd46cfe7f6fa76c3f526ea98148d9
Fixed
a7312d1a28ff3ab0a5a5427b35f01d943103cba8
Introduced
da72936f544fec5a335e66432610e4cef4430991
Fixed
53a06cf39b756eddfe4a2a34da93e3d04eb7b728
Database specific 
{
    "versions": [
        {
            "introduced": "2.14.0"
        },
        {
            "fixed": "2.14.6"
        },
        {
            "introduced": "2.15.0"
        },
        {
            "fixed": "2.15.4"
        },
        {
            "introduced": "2.16.0"
        },
        {
            "fixed": "2.16.6"
        },
        {
            "introduced": "2.17.0"
        },
        {
            "fixed": "2.17.3"
        },
        {
            "introduced": "2.18.0"
        },
        {
            "fixed": "2.18.2"
        },
        {
            "introduced": "2.19.0"
        },
        {
            "fixed": "2.19.3"
        },
        {
            "introduced": "2.20.0"
        },
        {
            "fixed": "2.20.2"
        },
        {
            "introduced": "2.21.0"
        },
        {
            "fixed": "2.21.1"
        },
        {
            "introduced": "2.22.0"
        },
        {
            "fixed": "2.22.2"
        },
        {
            "introduced": "2.23.0"
        },
        {
            "fixed": "2.23.1"
        },
        {
            "introduced": "2.24.0"
        },
        {
            "fixed": "2.24.1"
        }
    ]
}

Affected versions

v2.*
v2.10.4
v2.10.5
v2.11.3
v2.11.4
v2.12.4
v2.12.5
v2.13.5
v2.13.6
v2.13.7
v2.14.0
v2.14.1
v2.14.2
v2.14.3
v2.14.4
v2.14.5
v2.7.6
v2.8.6
v2.9.5

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "15.1"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-1348.json"