Lucene search
PRIOn knowledge basePRION:CVE-2022-24066HistoryApr 01, 2022 - 8:15 p.m.
Command injection
2022-04-0120:15:00
PRIOn knowledge base
www.prio-n.com
3
The package simple-git before 3.5.0 are vulnerable to Command Injection due to an incomplete fix of CVE-2022-24433 which only patches against the git fetch attack vector. A similar use of the --upload-pack feature of git is also supported for git clone, which the prior fix didn’t cover.
| CPE | Name | Operator | Version |
|---|---|---|---|
| simple-git | lt | 3.5.0 |
Related
cvelist
cvelist
CVE-2022-24066 Command Injection
2022-04-01 00:00:00
CVE-2022-24433 Command Injection
2022-03-11 00:00:00
CVE-2022-25912 Remote Code Execution (RCE)
2022-12-06 00:00:00
osv
osv
CVE-2022-24066
2022-04-01 20:15:08
Command injection in simple-git
2022-04-02 00:00:13
Command injection in simple-git
2022-03-12 00:00:33
veracode
veracode
Command Injection
2022-04-04 07:25:24
Command Injection
2022-03-14 14:21:51
Remote Code Execution (RCE)
2022-12-08 03:15:42
cve
cve
github
github
Command injection in simple-git
2022-04-02 00:00:13
Command injection in simple-git
2022-03-12 00:00:33
nvd
nvd
cnvd
cnvd
unspecified vulnerability in simple-git-hooks
2022-04-05 00:00:00
prion
prion
Command injection
2022-03-11 17:16:00
Design/Logic Flaw
2022-12-06 05:15:00
