Lucene search
GoogleOSV:CVE-2022-24066HistoryApr 01, 2022 - 8:15 p.m.
CVE-2022-24066
2022-04-0120:15:08
Google
osv.dev
2
The package simple-git before 3.5.0 are vulnerable to Command Injection due to an incomplete fix of CVE-2022-24433 which only patches against the git fetch attack vector. A similar use of the --upload-pack feature of git is also supported for git clone, which the prior fix didn’t cover.
Related
cvelist
cvelist
CVE-2022-24066 Command Injection
2022-04-01 00:00:00
CVE-2022-24433 Command Injection
2022-03-11 00:00:00
CVE-2022-25912 Remote Code Execution (RCE)
2022-12-06 00:00:00
veracode
veracode
Command Injection
2022-04-04 07:25:24
Command Injection
2022-03-14 14:21:51
Remote Code Execution (RCE)
2022-12-08 03:15:42
prion
prion
Command injection
2022-04-01 20:15:00
Command injection
2022-03-11 17:16:00
Design/Logic Flaw
2022-12-06 05:15:00
osv
osv
Command injection in simple-git
2022-04-02 00:00:13
Command injection in simple-git
2022-03-12 00:00:33
CVE-2022-24433
2022-03-11 17:16:06
nvd
nvd
cve
cve
github
github
Command injection in simple-git
2022-04-02 00:00:13
Command injection in simple-git
2022-03-12 00:00:33
cnvd
cnvd
unspecified vulnerability in simple-git-hooks
2022-04-05 00:00:00
