Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:16 a.m.7 views

CVE-2019-10776

In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions prior to 0.22.2...

9.8CVSS6.8AI score0.02147EPSS
Exploits1References1
OSV
OSV
added 2020/01/07 7:15 p.m.22 views

CVE-2019-10776

In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions prior to 0.22.2...

9.8CVSS6.7AI score
Exploits0References3
NVD
NVD
added 2020/01/07 7:15 p.m.34 views

CVE-2019-10776

In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions prior to 0.22.2...

9.8CVSS9.4AI score0.02147EPSS
Exploits1References3
CVE
CVE
added 2020/01/07 6:27 p.m.91 views

CVE-2019-10776

CVE-2019-10776 affects the package git-diff-apply prior to v0.22.2. The vulnerability stems from unvalidated input in index.js where a run() command is constructed from a user-controlled remoteUrl, enabling OS command injection. Impact could include remote code execution if untrusted input is sup...

9.8CVSS9.3AI score0.02147EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2020/01/06 5:7 p.m.10 views

@gulpjs/update-template (>=0.1.0 <=0.2.1), @lblod/ember-rdfa-editor-stemming-module-plugin (>=0.1.0 <=0.1.3) +11 more potentially affected by CVE-2019-10776 via git-diff-apply (>=0.0.5 <=0.22.10)

git-diff-apply NPM version =0.0.5, =0.1.0, =0.1.0, =0.8.0, =0.1.9, =0.0.1, =0.9.0, =0.2.2, =0.14.0, =3.0.0 Source cves: CVE-2019-10776 Source advisory: SNYK:JS-GITDIFFAPPLY-540774...

9.8CVSS7.2AI score0.02147EPSS
Exploits1
Rows per page
Query Builder