CVE-2019-1387 – git: Remote code execution in recursive clones with nested submodules
https://notcve.org/view.php?id=CVE-2019-1387
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones. Se encontró un problema en Git versiones anteriores a v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4 y v2. 14.6. Los clones recursivos están actualmente afectados por una vulnerabilidad causada por una comprobación too-lax de los nombres de submódulos, permitiendo ataques muy específicos por medio de una ejecución de código remota en clones recursivos. A flaw was discovered where git improperly validates submodules' names used to construct git metadata paths and does not prevent them from being nested in existing directories used to store another submodule's metadata. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2019:4356 https://access.redhat.com/errata/RHSA-2020:0002 https://access.redhat.com/errata/RHSA-2020:0124 https://access.redhat.com/errata/RHSA-2020:0228 https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org • CWE-20: Improper Input Validation •
CVE-2019-1353
https://notcve.org/view.php?id=CVE-2019-1353
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active. El controlador IEC870IP para Vijeo Citect y Citect SCADA de AVENA y Power SCADA Operation de Schneider Electric, presenta una vulnerabilidad de desbordamiento de búfer que podría resultar en un bloqueo del lado del servidor. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com https://security.gentoo.org/glsa/202003-30 •
CVE-2019-19604
https://notcve.org/view.php?id=CVE-2019-19604
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository. Una ejecución de comandos arbitrarios es posible en Git versiones anteriores a 2.20.2, versiones 2.21.x anteriores a 2.21.1, versiones 2.22.x anteriores a 2.22.2, versiones 2.23.x anteriores a 2.23.1 y versiones 2.24.x anteriores a 2.24.1, porque una operación "git submodule update" puede ejecutar comandos encontrados en el archivo .gitmodules de un repositorio malicioso. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html http://www.openwall.com/lists/oss-security/2019/12/13/1 https://gitlab.com/gitlab-com/gl-security/disclosures/blob/master/003_git_submodule/advisory.md https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCYSSCA5ZTEP46SB4XRPSQGFV2L3NKMZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/mes • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-862: Missing Authorization •
CVE-2019-1348 – git: Arbitrary path overwriting via export-marks in-stream command feature
https://notcve.org/view.php?id=CVE-2019-1348
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths. Se encontró un problema en Git anterior a la versión v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4 y v2. 14.6 La opción --export-marks de git fast-import también se expone a través de la función de comando in-stream export-marks = ... y permite sobrescribir rutas arbitrarias A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary files, but would not have complete control on the content of the file. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html https://access.redhat.com/errata/RHSA-2020:0228 https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com https://security.gentoo.org/glsa/202003-30 https://security.gentoo.org/glsa/202003-42 https://support.apple.com/kb/HT210729 https:/ • CWE-20: Improper Input Validation •
CVE-2019-1003010
https://notcve.org/view.php?id=CVE-2019-1003010
A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record. Existe una vulnerabilidad Cross-Site Request Forgery (CSRF) en Jenkins Git Plugin, en versiones 3.9.1 y anteriores, en src/main/java/hudson/plugins/git/GitTagAction.java, que permite que los atacantes creen una etiqueta Git en un espacio de trabajo y adjunten los metadatos correspondientes a un registro de builds. • https://access.redhat.com/errata/RHBA-2019:0326 https://access.redhat.com/errata/RHBA-2019:0327 https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095 • CWE-352: Cross-Site Request Forgery (CSRF) •