An issue exists in libgit2 prior to 0.28.4 and 0.9x prior to 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libgit2 libgit2 |
||
debian debian linux 9.0 |