CVE-2019-1351
published 2020-01-24CVE-2019-1351: A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.
high7.5CVSS 3.1
AVNACLPRNUINSUCNIHAN
A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | git | < git 1:2.24.0-2 (bookworm) | git 1:2.24.0-2 (bookworm) |
| git | git | >= 0 < 1:2.24.0-2 | 1:2.24.0-2 |
| git | git | >= 0 < 1:2.24.0-2 | 1:2.24.0-2 |
| git | git | >= 0 < 1:2.24.0-2 | 1:2.24.0-2 |
| git | git | >= 0 < 1:2.24.0-2 | 1:2.24.0-2 |
| microsoft | microsoft_visual_studio_2017 | — | — |
| microsoft | microsoft_visual_studio_2017_version_15.9 | — | — |
| microsoft | microsoft_visual_studio_2019 | — | — |
| microsoft | microsoft_visual_studio_2019_version_16.4 | — | — |
| microsoft | visual_studio_2017 | >= 15.0 < 15.9.18 | 15.9.18 |
| microsoft | visual_studio_2019 | >= 16.0 < 16.4.1 | 16.4.1 |
| msrc | microsoft_visual_studio_2017_version_15.0 | — | — |
| msrc | microsoft_visual_studio_2017_version_15.9 | — | — |
| msrc | microsoft_visual_studio_2019_version_16.0 | — | — |
| msrc | microsoft_visual_studio_2019_version_16.4 | — | — |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
osv7.5HIGH