cbcvebase.
CVE-2019-1349
published 2020-01-24

CVE-2019-1349: A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution…

high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.

Affected

16 ranges
VendorProductVersion rangeFixed in
debiangit< git 1:2.24.0-2 (bookworm)git 1:2.24.0-2 (bookworm)
gitgit>= 0 < 1:2.24.0-21:2.24.0-2
gitgit>= 0 < 1:2.24.0-21:2.24.0-2
gitgit>= 0 < 1:2.24.0-21:2.24.0-2
gitgit>= 0 < 1:2.24.0-21:2.24.0-2
me-andcygwin-git< 2.31.1-22.31.1-2
microsoftmicrosoft_visual_studio_2017
microsoftmicrosoft_visual_studio_2017_version_15.9
microsoftmicrosoft_visual_studio_2019
microsoftmicrosoft_visual_studio_2019_version_16.4
microsoftvisual_studio_2017>= 15.0 < 15.9.1815.9.18
microsoftvisual_studio_2019>= 16.0 < 16.4.116.4.1
msrcmicrosoft_visual_studio_2017_version_15.0
msrcmicrosoft_visual_studio_2017_version_15.9
msrcmicrosoft_visual_studio_2019_version_16.0
msrcmicrosoft_visual_studio_2019_version_16.4

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH