Lucene search

K
osvGoogleOSV:GHSA-CHJ3-F7XW-367M
HistoryJun 11, 2022 - 12:00 a.m.

OS Command Injection in git-promise

2022-06-1100:00:18
Google
osv.dev
8

0.009 Low

EPSS

Percentile

82.4%

All versions of package git-promise is vulnerable to Command Injection due to an inappropriate fix of a prior vulnerability in this package. Note: Please note that the vulnerability will not be fixed. The README file was updated with a warning regarding this issue.

Credits

@lirantal for discovering this vulnerability.

CPENameOperatorVersion
git-promisele1.0.0

0.009 Low

EPSS

Percentile

82.4%

Related for OSV:GHSA-CHJ3-F7XW-367M