A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka ‘Git for Visual Studio Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.

References

bugzilla.redhat.com/show_bug.cgi?id=1781963

github.com/git/git/security/advisories/GHSA-5wph-8frv-58vj

nvd.nist.gov/vuln/detail/CVE-2019-1352

www.cve.org/CVERecord?id=CVE-2019-1352

osv 9

ubuntucve 6

debiancve 6

alpinelinux 6

cve 7

redhatcve 5

prion 7

nessus 41

kaspersky 1

oraclelinux 2

openvas 26

fedora 3

qualysblog 1

redhat 5

amazon 3

altlinux 2

archlinux 2

suse 3

cloudfoundry 1

gentoo 2

ubuntu 1

threatpost 1

debian 4

mageia 2

veracode 5

symantec 5

mscve 5

centos 1

ibm 2

rosalinux 1

osv

CVE-2019-1352

2020-01-24 21:15:12

CVE-2019-1349

2020-01-24 21:15:12

CVE-2019-1354

2020-01-24 21:15:12

ubuntucve

CVE-2019-1349

2019-12-10 00:00:00

CVE-2019-1352

2019-12-10 00:00:00

CVE-2019-1350

2019-12-10 00:00:00

debiancve

CVE-2019-1354

2020-01-24 21:15:00

CVE-2019-1350

2020-01-24 21:15:00

CVE-2019-1349

2020-01-24 21:15:00

alpinelinux

CVE-2019-1349

2020-01-24 21:15:00

CVE-2019-1352

2020-01-24 21:15:00

CVE-2019-1350

2020-01-24 21:15:00

cve

CVE-2019-1354

2020-01-24 21:15:00

CVE-2019-1350

2020-01-24 21:15:00

CVE-2019-1349

2020-01-24 21:15:00

redhatcve

CVE-2019-1350

2019-12-11 00:21:07

CVE-2019-1354

2019-12-11 00:51:03

CVE-2019-1349

2019-12-11 00:21:00

prion

Remote code execution

2020-01-24 21:15:00

Remote code execution

2020-01-24 21:15:00

Remote code execution

2020-01-24 21:15:00

nessus

Security Updates for Microsoft Visual Studio Products (December 2019)

2019-12-10 00:00:00

SUSE SLES15 Security Update : libgit2 (SUSE-SU-2022:3495-1)

2022-10-05 00:00:00

Fedora 31 : libgit2 (2019-9c3d054f39)

2019-12-17 00:00:00

kaspersky

KLA11618 Multiple vulnerabilities in Microsoft Developer Tools

2019-12-10 00:00:00

oraclelinux

git security update

2019-12-19 00:00:00

git security update

2020-01-16 00:00:00

openvas

Fedora Update for libgit2 FEDORA-2019-9c3d054f39

2020-01-09 00:00:00

Ubuntu: Security Advisory (USN-4220-1)

2019-12-11 00:00:00

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1151)

2020-02-25 00:00:00

fedora

[SECURITY] Fedora 31 Update: libgit2-0.28.4-1.fc31

2019-12-17 01:46:03

[SECURITY] Fedora 31 Update: git-2.24.1-1.fc31

2019-12-18 01:56:26

[SECURITY] Fedora 30 Update: git-2.21.1-1.fc30

2020-01-04 22:16:13

qualysblog

December 2019 Patch Tuesday – 36 Vulns, 7 Critical, Actively Attacked Win32k vuln, Adobe vulns

2019-12-10 19:04:23

redhat

(RHSA-2020:0228) Important: git security update

2020-01-27 08:04:40

(RHSA-2019:4356) Important: git security update

2019-12-19 18:18:24

(RHSA-2020:0002) Important: rh-git218-git security update

2020-01-02 08:21:54

amazon

Important: git

2023-02-17 00:11:00

Important: git

2019-12-13 19:06:00

Important: git

2019-12-09 22:06:00

altlinux

Security fix for the ALT Linux 8 package git version 2.24.1-alt1

2019-12-12 00:00:00

Security fix for the ALT Linux 10 package git version 2.24.1-alt1

2019-12-08 00:00:00

archlinux

[ASA-201912-5] libgit2: arbitrary code execution

2019-12-18 00:00:00

[ASA-201912-6] git: arbitrary code execution

2019-12-18 00:00:00

suse

Security update for git (important)

2020-01-29 00:00:00

Security update for git (moderate)

2020-05-02 00:00:00

Security update for libgit2 (important)

2022-10-04 00:00:00

cloudfoundry

USN-4220-1: Git vulnerabilities | Cloud Foundry

2019-12-18 00:00:00

gentoo

Git: Multiple vulnerabilities

2020-03-15 00:00:00

libgit2: Multiple vulnerabilities

2020-03-19 00:00:00

ubuntu

Git vulnerabilities

2019-12-10 00:00:00

threatpost

Microsoft Zaps Actively Exploited Zero-Day Bug

2019-12-10 21:21:24

debian

[SECURITY] [DLA 2059-1] git security update

2020-01-23 14:27:34

[SECURITY] [DSA 4581-1] git security update

2019-12-10 19:56:55

[SECURITY] [DSA 4581-1] git security update

2019-12-10 19:56:55

mageia

Updated libgit2 packages fix security vulnerabilities

2019-12-15 21:03:05

Updated git packages fix security vulnerabilities

2019-12-15 21:03:05

veracode

Remote Code Execution (RCE)

2020-05-10 23:22:09

Authorization Bypass

2019-12-20 00:15:19

Arbitrary Files Overwrite

2019-12-20 00:15:19

symantec

Microsoft Git for Visual Studio CVE-2019-1354 Remote Code Execution Vulnerability

2019-12-10 00:00:00

Microsoft Git for Visual Studio CVE-2019-1349 Remote Code Execution Vulnerability

2019-12-10 00:00:00

Microsoft Git for Visual Studio CVE-2019-1350 Remote Code Execution Vulnerability

2019-12-10 00:00:00

mscve

Git for Visual Studio Remote Code Execution Vulnerability

2019-12-10 08:00:00

Git for Visual Studio Remote Code Execution Vulnerability

2019-12-10 08:00:00

Git for Visual Studio Remote Code Execution Vulnerability

2019-12-10 08:00:00

centos

emacs, git, gitk, gitweb, perl security update

2020-01-18 14:51:34

ibm

Security Bulletin: Action required for WebSphere Message Broker Hypervisor Edition V8.0 for security vulnerabilities in Red Hat Linux

2020-01-09 10:32:26

Security Bulletin: IBM Integration Bus Hyper visor Edition V9.0 require customer action for security vulnerabilities in Red Hat Linux

2019-12-20 08:47:33

rosalinux

Advisory ROSA-SA-2021-1843

2021-07-02 16:45:45

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.064 Low

EPSS

Percentile

93.6%

JSON

Related for RH:CVE-2019-1352