Lucene search
GoogleOSV:CVE-2021-23326HistoryJan 20, 2021 - 1:15 p.m.
CVE-2021-23326
2021-01-2013:15:12
Google
osv.dev
2
vulnerability
package
command injection
graphql
code execution
This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection.
References
Related
osv
osv
Command Injection in @graphql-tools/git-loader
2021-01-29 18:13:14
redhatcve
redhatcve
CVE-2021-23326
2021-02-04 16:22:44
nvd
nvd
CVE-2021-23326
2021-01-20 13:15:12
prion
prion
Command injection
2021-01-20 13:15:00
cvelist
cvelist
CVE-2021-23326 Command Injection
2021-01-20 12:30:15
nodejs
nodejs
Command Injection
2021-02-22 17:42:01
github
github
Command Injection in @graphql-tools/git-loader
2021-01-29 18:13:14
cve
cve
CVE-2021-23326
2021-01-20 13:15:12
veracode
veracode
Command Injection
2021-01-21 06:59:20