5 matches found
EUVD-2022-1613
Malicious code in bioql PyPI...
Command injection in czproject/git-php
The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable$url, array $refs = NULL function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that additional flags can be set...
GHSA-3XPW-VHMV-CW7H Command injection in czproject/git-php
The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable$url, array $refs = NULL function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that additional flags can be set...
CVE-2022-25866
The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable$url, array $refs = NULL function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that additional flags can be set...
PT-2022-17576 · Czproject · Gitphp
Name of the Vulnerable Software and Affected Versions: czproject/git-php versions prior to 4.0.3 Description: The issue allows for Command Injection via git argument injection. When calling the isRemoteUrlReadable$url, array $refs = NULL function, both the url and refs parameters are passed to th...