Lucene search
GoogleOSV:CVE-2020-12279HistoryApr 27, 2020 - 5:15 p.m.
CVE-2020-12279
2020-04-2717:15:13
Google
osv.dev
7
An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libgit2 | eq | 0.12.0 | |
| libgit2 | eq | 0.23.0-rc2 | |
| libgit2 | eq | 0.26.0-rc2 | |
| libgit2 | eq | 0.19.0 | |
| libgit2 | eq | 0.11.0 | |
| libgit2 | eq | 0.25.0 | |
| libgit2 | eq | 0.15.0 | |
| libgit2 | eq | 0.23.0-rc1 | |
| libgit2 | eq | 0.26.0-rc1 | |
| libgit2 | eq | 0.28.0-rc1 |
References
github.com/git/git/security/advisories/GHSA-589j-mmg9-733v
github.com/libgit2/libgit2/commit/64c612cc3e25eff5fb02c59ef5a66ba7a14751e4
github.com/libgit2/libgit2/releases/tag/v0.28.4
github.com/libgit2/libgit2/releases/tag/v0.99.0
lists.debian.org/debian-lts-announce/2022/03/msg00031.html
lists.debian.org/debian-lts-announce/2023/02/msg00034.html
Related
cve
cve
CVE-2020-12279
2020-04-27 17:15:13
CVE-2019-1353
2020-01-24 22:15:19
redhatcve
redhatcve
CVE-2020-12279
2020-04-29 14:10:02
CVE-2019-1353
2019-12-11 00:50:56
ubuntucve
ubuntucve
CVE-2020-12279
2020-04-27 00:00:00
CVE-2019-1353
2019-12-10 00:00:00
debiancve
debiancve
CVE-2020-12279
2020-04-27 17:15:13
CVE-2019-1353
2020-01-24 22:15:19
prion
prion
Remote code execution
2020-04-27 17:15:00
Design/Logic Flaw
2020-01-24 22:15:00
cvelist
cvelist
CVE-2020-12279
2020-04-27 00:00:00
CVE-2019-1353
2020-01-24 21:14:21
nvd
nvd
CVE-2020-12279
2020-04-27 17:15:13
CVE-2019-1353
2020-01-24 22:15:19
openvas
openvas
Huawei EulerOS: Security Advisory for libgit2 (EulerOS-SA-2020-1861)
2020-08-31 00:00:00
Debian: Security Advisory (DLA-3340-1)
2023-02-24 00:00:00
Debian: Security Advisory (DLA-2936-1)
2022-03-21 00:00:00
nessus
nessus
EulerOS 2.0 SP8 : libgit2 (EulerOS-SA-2020-1861)
2020-08-28 00:00:00
Debian DLA-3340-1 : libgit2 - LTS security update
2023-02-24 00:00:00
veracode
veracode
Missing NTFS Protection
2020-05-10 23:22:08
alpinelinux
alpinelinux
CVE-2019-1353
2020-01-24 22:15:19
osv
osv
CVE-2019-1353
2020-01-24 22:15:19
libgit2 - security update
2023-02-23 00:00:00
libgit2 vulnerabilities
2024-03-05 18:46:35
debian
debian
[SECURITY] [DLA 3340-1] libgit2 security update
2023-02-23 21:21:37
[SECURITY] [DLA 2936-1] libgit2 security update
2022-03-21 00:39:43
[SECURITY] [DLA 2059-1] git security update
2020-01-23 14:27:34
ubuntu
ubuntu
libgit2 vulnerabilities
2024-03-05 00:00:00
Git vulnerabilities
2019-12-10 00:00:00
oraclelinux
oraclelinux
git security update
2019-12-19 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: libgit2-0.28.4-1.fc31
2019-12-17 01:46:03
[SECURITY] Fedora 30 Update: git-2.21.1-1.fc30
2020-01-04 22:16:13
[SECURITY] Fedora 31 Update: git-2.24.1-1.fc31
2019-12-18 01:56:26
gentoo
gentoo
Git: Multiple vulnerabilities
2020-03-15 00:00:00
amazon
amazon
altlinux
altlinux
Security fix for the ALT Linux 8 package git version 2.24.1-alt1
2019-12-12 00:00:00
Security fix for the ALT Linux 10 package git version 2.24.1-alt1
2019-12-08 00:00:00
cloudfoundry
cloudfoundry
USN-4220-1: Git vulnerabilities | Cloud Foundry
2019-12-18 00:00:00
suse
suse
Security update for git (important)
2020-01-29 00:00:00
Security update for git (moderate)
2020-05-02 00:00:00