An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-04-27T00:00:00
Updated: 2024-08-04T11:48:58.550Z
Reserved: 2020-04-27T00:00:00
Link: CVE-2020-12278
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-04-27T17:15:13.407
Modified: 2024-11-21T04:59:26.073
Link: CVE-2020-12278
Redhat