Lucene search
GoogleOSV:GHSA-2W9P-XF5H-QWJ3HistoryMar 27, 2023 - 3:30 a.m.
pullit Command Injection vulnerability
2023-03-2703:30:16
Google
osv.dev
9
pullit package
node.js
command injection
vulnerability
software
git branch
0.002 Low
EPSS
Percentile
54.9%
The pullit package before 1.4.0 for Node.js allows OS Command Injection because eval() is used on an attacker-supplied Git branch name.
Related
nvd
nvd
CVE-2018-25083
2023-03-27 03:15:07
osv
osv
CVE-2018-25083
2023-03-27 03:15:07
pullit vulnerable to command injection
2020-09-03 16:47:30
cvelist
cvelist
CVE-2018-25083
2023-03-27 00:00:00
prion
prion
Command injection
2023-03-27 03:15:00
github
github
pullit vulnerable to command injection
2020-09-03 16:47:30
cve
cve
CVE-2018-25083
2023-03-27 03:15:07
veracode
veracode
Arbitrary Command Execution
2023-04-03 18:34:35