CVE-2022-24376

creationtimestamp| type| source ---|---|--- 2022-06-11 00:34:53+00:00| seen| https://t.me/cibsecurity/44224...

@apsis/cli (=0.5.0), @asmallstudio/utilities (>=0.2.2 <=0.3.3) +121 more potentially affected by CVE-2022-24376 via git-promise (>=0.2.0 <=1.0.0)

git-promise NPM version =0.2.0, =0.2.2, =1.1.8, =1.0.0, =2.0.0-beta.10, =1.0.13, =1.0.0, =0.0.8, =1.1.1 - @efox/eslint-config-react-prittier-ts =1.0.19 - @efox/pay =1.0.8 - @efox/plugin-babel-react =1.0.1 - @emfc/emfc-cli =1.1.0 and more Source cves: CVE-2022-24376 Source advisory:...

CVE-2022-24376 Command Injection

All versions of package git-promise are vulnerable to Command Injection due to an inappropriate fix of a prior vulnerability in this package. Note: Please note that the vulnerability will not be fixed. The README file was updated with a warning regarding this issue...

CVE-2022-24376

CVE-2022-24376 (git-promise) is a command-injection vulnerability affecting all versions of the package due to an inappropriate fix of a prior issue. The available documents consistently state that there is no fixed version and that the README contains a warning about this vulnerability. The prac...

@apsis/cli (=0.5.0), @asmallstudio/utilities (>=0.2.2 <=0.3.3) +121 more potentially affected by CVE-2022-24376 via git-promise (>=0.2.0 <=1.0.0)

git-promise NPM version =0.2.0, =0.2.2, =1.1.8, =1.0.0, =2.0.0-beta.10, =1.0.13, =1.0.0, =0.0.8, =1.1.1 - @efox/eslint-config-react-prittier-ts =1.0.19 - @efox/pay =1.0.8 - @efox/plugin-babel-react =1.0.1 - @emfc/emfc-cli =1.1.0 and more Source cves: CVE-2022-24376 Source advisory:...