2 matches found
Arbitrary Command Injection
Overview: renovate is a dependency updater. Affected versions of this package are vulnerable to Arbitrary Command Injection due to improper sanitization of the user-supplied depName in the packagesToInstall and packagesToUninstall functions of the hermit manager. An attacker can execute arbitrary...
Arbitrary Command Injection
Overview: renovate is a dependency updater. Affected versions of this package are vulnerable to Arbitrary Command Injection due to improper sanitization of the user-supplied chart name in the helmRepositoryArgs function of the kustomize manager. An attacker can execute arbitrary commands on the host...