« List of all CVEs

CVE-2019-19604

Published: 12/10/2019 Last updated: 8/5/2024 Reserved: 12/5/2019

Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-git

Products affected (1)

Product Vendor Version
n/a n/a 22.0 ap366609

References (20)