Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Debian Local Security Checks
Title:Debian LTS: Security Advisory for git (DLA-2059-1)
Summary:The remote host is missing an update for the 'git'; package(s) announced via the DLA-2059-1 advisory.
The remote host is missing an update for the 'git'
package(s) announced via the DLA-2059-1 advisory.

Vulnerability Insight:
Several vulnerabilities have been discovered in git, a fast, scalable,
distributed revision control system.


It was reported that the --export-marks option of git fast-import is
exposed also via the in-stream command feature export-marks=...,
allowing to overwrite arbitrary paths.


It was discovered that submodule names are not validated strictly
enough, allowing very targeted attacks via remote code execution
when performing recursive clones.

In addition this update addresses a number of security issues which are
only an issue if git is operating on an NTFS filesystem (CVE-2019-1349,
CVE-2019-1352 and CVE-2019-1353).

Affected Software/OS:
'git' package(s) on Debian Linux.

For Debian 8 'Jessie', these problems have been fixed in version

We recommend that you upgrade your git packages.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-1348
RedHat Security Advisories: RHSA-2020:0228
SuSE Security Announcement: openSUSE-SU-2020:0123 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0598 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2019-1349
Common Vulnerability Exposure (CVE) ID: CVE-2019-1352
Common Vulnerability Exposure (CVE) ID: CVE-2019-1353
Common Vulnerability Exposure (CVE) ID: CVE-2019-1387
RedHat Security Advisories: RHSA-2019:4356
RedHat Security Advisories: RHSA-2020:0002
RedHat Security Advisories: RHSA-2020:0124
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.