Lucene search

K
prionPRIOn knowledge basePRION:CVE-2022-25912
HistoryDec 06, 2022 - 5:15 a.m.

Design/Logic Flaw

2022-12-0605:15:00
PRIOn knowledge base
www.prio-n.com
7
simple-git
remote code execution
rce
clone() method
ext transport protocol
vulnerability

9.6 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.4%

The package simple-git before 3.15.0 are vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via clone() method. This vulnerability exists due to an incomplete fix of CVE-2022-24066.

CPENameOperatorVersion
simple-gitlt3.15.0

9.6 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.4%