EUVD-2021-32194

Malicious code in bioql PyPI...

git-archive vulnerable to Command Injection via exports function

All versions of package git-archive are vulnerable to Command Injection via the exports function...

GHSA-VQGR-MFXM-47F3 git-archive vulnerable to Command Injection via exports function

All versions of package git-archive are vulnerable to Command Injection via the exports function...

CVE-2020-28422

All versions of package git-archive are vulnerable to Command Injection via the exports function...

Command injection

All versions of package git-archive are vulnerable to Command Injection via the exports function...

CVE-2020-28422 Command Injection

All versions of package git-archive are vulnerable to Command Injection via the exports function...

PT-2022-8885 · Unknown · Git-Archive

Name of the Vulnerable Software and Affected Versions: git-archive versions all Description: The issue concerns Command Injection via the exports function. This allows for potential execution of arbitrary commands. Recommendations: For all versions, consider disabling the exports function as a...

git-archive 命令注入漏洞

git-archive is a module by Noah Isaacson, an individual developer, that takes a bare git repo, archives it, and exports it as a tarball to a given path. A security vulnerability exists in git-archive that stems from easy command injection via the exports function...

Command Injection

Overview git-archive is a module to take a bare git repo, archive it, and export it as a tarball to a given path Affected versions of this package are vulnerable to Command Injection via the exports function. Remediation There is no fixed version for git-archive. Credit: JHU System Security Lab...

CVE-2020-7603

closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument "options" of the exports function in "index.js" can be controlled by users without any sanitization...