Lucene search
K

6 matches found

OSV
OSV
added 2026/04/25 6:30 a.m.6 views

GHSA-HFFM-XVC3-VPRC simple-git is vulnerable to Remote Code Execution

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

9.8CVSS6.5AI score0.00877EPSS
Exploits1References5
NVD
NVD
added 2026/04/25 6:16 a.m.15 views

CVE-2026-6951

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

9.8CVSS0.00877EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/04/25 5:0 a.m.4 views

CVE-2026-6951

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

9.8CVSS6.5AI score0.00877EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/25 5:0 a.m.46 views

CVE-2026-6951

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

9.8CVSS0.00877EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.7 views

PT-2026-35132

Name of the Vulnerable Software and Affected Versions simple-git versions prior to 3.36.0 Description A Remote Code Execution RCE issue exists in the simple-git Node.js library due to improper code generation management and an incomplete fix for a previous flaw. The issue occurs because the...

10CVSS7.5AI score0.00877EPSS
Exploits2References141
Snyk
Snyk
added 2026/03/07 8:3 p.m.5 views

Remote Code Execution (RCE)

Overview org.webjars.npm:simple-git is an A light weight interface for running git commands in any node.js application. Affected versions of this package are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --conf...

9.8CVSS9.4AI score0.02784EPSS
Exploits2References2
Rows per page
Query Builder