4 matches found
heroic-games-launcher-2.20.1-3.1 on GA media (moderate)
heroic-games-launcher-2.20.1-3.1 on GA media Announcement ID: openSUSE-SU-2026:10327-1 Rating: moderate Cross-References: CVE-2026-28292 CVSS scores: CVE-2026-28292 SUSE : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerabili...
CVE-2026-28292
simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes CVE-2022-25860 and CVE-2022-25912 and achieve full remote code execution on the host machine. Version 3.23.0 contains ...
CVE-2026-28292
The CVE-2026-28292 entry concerns the Node.js package simple-git. Affected versions are 3.15.0 through 3.32.2 and the issue bypasses prior fixes from CVE-2022-25860 and CVE-2022-25912, enabling full remote code execution on the host. A fix is noted in version 3.23.0. No exploitation details or in...
CVE-2026-28292 simple-git has blockUnsafeOperationsPlugin bypass via case-insensitive protocol.allow config key enables RCE
simple-git, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes CVE-2022-25860 and CVE-2022-25912 and achieve full remote code execution on the host machine. Version 3.23.0 contains ...