CVE-2019-1348 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	A security issue has been found in git before 2.24.1 where the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1075	libgit2	1:0.28.3-1	1:0.28.4-1	High	Fixed
AVG-1073	git	2.24.0-1	2.24.1-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
18 Dec 2019	ASA-201912-6	AVG-1073	git	High	arbitrary code execution
18 Dec 2019	ASA-201912-5	AVG-1075	libgit2	High	arbitrary code execution

References
https://github.com/git/git/commit/68061e3470210703cb15594194718d35094afdc0 https://lkml.org/lkml/2019/12/10/905