4 matches found
Command Injection
czproject/git-php is vulnerable to command injection. A remote attacker is able to use additional flags to perform command injections via the isRemoteUrlReadable function since the url and refs parameter passing process to the git ls-remote subcommand, allows additional flags to be set...
CVE-2022-25648
A flaw was found in ruby-git, where the package is vulnerable to command injection via the git argument. This flaw allows an attacker to set additional flags, which leads to performing command injections...
CVE-2022-25648
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetchremote = 'origin', opts = function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform...
CVE-2022-21223
The package cocoapods-downloader before 1.6.2 are vulnerable to Command Injection via hg argument injection. When calling the download function when using hg, the url and/or revision, tag, branch is passed to the hg clone command in a way that additional flags can be set. The additional flags can...