6 matches found
CVE-2022-1440
Command Injection vulnerability in [email protected] in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a --upload-pack command-line argument feature of git is also supported for git clone, which would then allow for any operating syst...
gitboost (>=0.0.5 <=0.0.6) potentially affected by CVE-2022-1440 via git-interface (=0.1.9)
git-interface NPM version =0.1.9 is affected by a known vulnerability. The following packages have a transitive dependency on git-interface and may be impacted: - gitboost =0.0.5, =0.0.6 Source cves: CVE-2022-1440 Source advisory: OSV:GHSA-QFFW-8WG7-H665...
CVE-2022-1440
creationtimestamp| type| source ---|---|--- 2022-04-22 22:27:58+00:00| seen| https://t.me/cibsecurity/41342...
CVE-2022-1440 Command Injection vulnerability in [email protected] in yarkeev/git-interface
Command Injection vulnerability in [email protected] in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a --upload-pack command-line argument feature of git is also supported for git clone, which would then allow for any operating syst...
CVE-2022-1440 Command Injection vulnerability in [email protected] in yarkeev/git-interface
Command Injection vulnerability in [email protected] in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a --upload-pack command-line argument feature of git is also supported for git clone, which would then allow for any operating syst...
CVE-2022-1440
CVE-2022-1440 affects git-interface in yarkeev/git-interface prior to 2.1.2. The root cause is lack of input filtering for the git clone path and the --upload-pack argument, enabling command execution on the host when both the remote and destination are provided by user input. Consequences descri...