2 matches found
CVE-2024-32020
CVE-2024-32020 concerns Git’s local clone optimization on the same disk, where source and target repositories owned by different users may result in hardlinked files in the target’s object database that can be rewritten by an untrusted user. Affected Git versions prior to 2.45.1, 2.44.1, 2.43.4, ...
CVE-2019-1348
CVE-2019-1348 affects Git prior to 2.24.1 (including 2.23.1, 2.22.2, 2.21.1, etc.). The root cause is that the --export-marks feature of git fast-import is exposed through the in-stream command export-marks=... mechanism, which can overwrite arbitrary paths. This creates a local-attack surface wh...