Home

CVE-2019-1353

Description

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as WSL) while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.187

Associated Vulnerability

VulnerabilityOS Platform
Update Git (2.24.1) addressing the security issues CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, CVE-2019-1387, and CVE-2019-19604Windows
Update Git (x64) (2.24.1) addressing the security issues CVE-2019-1348, CVE-2019-1349, CVE-2019-1350, CVE-2019-1351, CVE-2019-1352, CVE-2019-1353, CVE-2019-1354, CVE-2019-1387, and CVE-2019-19604Windows
fast, scalable, distributed revision control system (USN-4220-1) git_2.7.4-0ubuntu1.7_i386.debLinux
fast, scalable, distributed revision control system (USN-4220-1) git_2.7.4-0ubuntu1.7_amd64.debLinux
fast, scalable, distributed revision control system (USN-4220-1) git_2.17.1-1ubuntu0.5_i386.debLinux
fast, scalable, distributed revision control system (USN-4220-1) git_2.17.1-1ubuntu0.5_amd64.debLinux
fast, scalable, distributed revision control system (USN-4220-1) git_2.20.1-2ubuntu1.19.04.1_i386.debLinux
fast, scalable, distributed revision control system (USN-4220-1) git_2.20.1-2ubuntu1.19.04.1_amd64.debLinux
fast, scalable, distributed revision control system (USN-4220-1) git_2.20.1-2ubuntu1.19.10.1_i386.debLinux
fast, scalable, distributed revision control system (USN-4220-1) git_2.20.1-2ubuntu1.19.10.1_amd64.debLinux
git security update(DSA-4581-1) git_2.11.0-3+deb9u5_i386.debLinux
git security update(DSA-4581-1) git_2.11.0-3+deb9u5_amd64.debLinux
git security update(DSA-4581-1) git_2.20.1-2+deb10u1_i386.debLinux
git security update(DSA-4581-1) git_2.20.1-2+deb10u1_amd64.debLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-312484Git (2.25.0)
PATCH-319947Git (x64) (2.32.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234