ALPINE-CVE-2019-1353

ALPINE-CVE-2019-1353 PUBLISHED CVSS 9.800000190734863 CRITICAL

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.

Risk Scores

CVSS v3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Alpine:v3.20	git	1.7.4.2-r0, 1.7.0.3-r0, 1.7.0.4-r0
Alpine:v3.10	git	2.3.5-r0, 2.3.4-r0, 2.3.3-r0
Alpine:v3.22	git	2.13.2-r1, 1.6.1.3-r1, 0
Alpine:v3.8	git	1.7.1-r0, 1.7.1-r1, 1.7.1-r2
Alpine:v3.11	git	2.16.0-r0, 2.16.1-r0, 2.16.2-r0
Alpine:v3.16	git	1.7.5.3-r0, 1.6.0.4-r1, 1.6.0.4-r2
Alpine:v3.17	git	2.6.0-r2, 2.24.0-r0, 2.7.3-r0
Alpine:v3.11	libgit2	0.23.2-r0, 0.27.4-r0, 0.27.3-r0
Alpine:v3.23	git	1.8.3-r0, 2.16.2-r0, 2.15.1-r0
Alpine:v3.9	git	1.6.0.4-r1, 1.6.1.3-r1, 1.6.2.1-r0
Alpine:v3.14	git	2.15.1-r0, 1.7.10.1-r0, 1.8.5.1-r0
Alpine:v3.18	git	1.7.9.6-r0, 2.9.2-r0, 2.9.1-r0
Alpine:v3.15	git	2.0.4-r0, 2.13.3-r0, 2.13.2-r1
Alpine:v3.19	git	2.10.2-r0, 2.21.0-r4, 2.21.0-r3
Alpine:v3.13	git	2.9.3-r0, 0, 1.6.0.4-r1
Alpine:v3.12	git	1.6.0.4-r1, 1.6.0.4-r2, 1.6.1-r0
Alpine:v3.7	git	1.7.4-r1, 1.6.0.4-r1, 1.6.0.4-r2
Alpine:v3.21	git	1.7.8.4-r0, 2.9.3-r0, 2.9.2-r0

Timeline

Jan 24, 2020 CVE Published
Dec 3, 2025 CVE Updated
Apr 30, 2026 Distribution Patch

References

https://security.alpinelinux.org/vuln/CVE-2019-1353 advisory

Open in Interactive Console →