Use of Incorrectly-Resolved Name or Reference in git

Do your applications use this vulnerable package? Test your applications

Overview

A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.

References

ADVISORY
Debian Security Tracker
Gentoo Security Advisory
MISC
MISC
OpenSuse Security Announcement
SUSE
Ubuntu CVE Tracker

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

None
Scope

Unchanged
Confidentiality

None
Integrity

High
Availability

None

CVE: CVE-2019-1351
CWE: CWE-706
Snyk ID: SNYK-DEBIAN10-GIT-537160
Disclosed: 24 Jan, 2020
Published: 10 Dec, 2019

Use of Incorrectly-Resolved Name or Reference
Affecting git package, versions <1:2.20.1-2+deb10u1

Overview

References

CVSS Score

Use of Incorrectly-Resolved Name or Reference Affecting git package, versions <1:2.20.1-2+deb10u1

Overview

References

Use of Incorrectly-Resolved Name or Reference
Affecting git package, versions <1:2.20.1-2+deb10u1