Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:8 p.m.15 views

CVE-2022-1440

Command Injection vulnerability in [email protected] in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a --upload-pack command-line argument feature of git is also supported for git clone, which would then allow for any operating syst...

10CVSS7.2AI score0.03928EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/04/23 12:3 a.m.5 views

gitboost (>=0.0.5 <=0.0.6) potentially affected by CVE-2022-1440 via git-interface (=0.1.9)

git-interface NPM version =0.1.9 is affected by a known vulnerability. The following packages have a transitive dependency on git-interface and may be impacted: - gitboost =0.0.5, =0.0.6 Source cves: CVE-2022-1440 Source advisory: OSV:GHSA-QFFW-8WG7-H665...

10CVSS7.2AI score0.03928EPSS
Exploits1
Circl
Circl
added 2022/04/22 10:27 p.m.5 views

CVE-2022-1440

creationtimestamp| type| source ---|---|--- 2022-04-22 22:27:58+00:00| seen| https://t.me/cibsecurity/41342...

10CVSS8.7AI score0.03928EPSS
Exploits1References1
OSV
OSV
added 2022/04/22 5:30 p.m.24 views

CVE-2022-1440 Command Injection vulnerability in [email protected] in yarkeev/git-interface

Command Injection vulnerability in [email protected] in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a --upload-pack command-line argument feature of git is also supported for git clone, which would then allow for any operating syst...

9.8CVSS9.7AI score0.03928EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/04/22 5:30 p.m.29 views

CVE-2022-1440 Command Injection vulnerability in [email protected] in yarkeev/git-interface

Command Injection vulnerability in [email protected] in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a --upload-pack command-line argument feature of git is also supported for git clone, which would then allow for any operating syst...

9.8CVSS10AI score0.03928EPSS
Exploits1References2
CVE
CVE
added 2022/04/22 5:30 p.m.82 views

CVE-2022-1440

CVE-2022-1440 affects git-interface in yarkeev/git-interface prior to 2.1.2. The root cause is lack of input filtering for the git clone path and the --upload-pack argument, enabling command execution on the host when both the remote and destination are provided by user input. Consequences descri...

10CVSS9.8AI score0.03928EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder