{
  "threat_severity" : "Low",
  "public_date" : "2019-12-10T00:00:00Z",
  "bugzilla" : {
    "description" : "git: NTFS protections inactive when running Git in the Windows Subsystem for Linux",
    "id" : "1781966",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1781966"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-358",
  "details" : [ "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active." ],
  "statement" : "This issue did not affect the versions of git as shipped with Red Hat Enterprise Linux 6, 7, and 8 as NTFS filesystems are not supported nor the Windows Subsystem for Linux (WSL).",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "git",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "git",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "git",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Software Collections",
    "fix_state" : "Not affected",
    "package_name" : "rh-git218-git",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-1353\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-1353\nhttps://github.com/git/git/security/advisories/GHSA-589j-mmg9-733v" ],
  "name" : "CVE-2019-1353",
  "csaw" : false
}