8 matches found
MGASA-2023-0001 Updated python-gitpython packages fix security vulnerability
Remote Code Execution RCE due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments...
Updated python-gitpython packages fix security vulnerability
Remote Code Execution RCE due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments...
CVE-2022-25912 Remote Code Execution (RCE)
The package simple-git before 3.15.0 are vulnerable to Remote Code Execution RCE when enabling the ext transport protocol, which makes it exploitable via clone method. This vulnerability exists due to an incomplete fix of CVE-2022-24066...
Remote Code Execution (RCE)
simple-git is vulnerable to remote code execution.The vulnerability exists in the clone function of git.js because of enabling the ext transport protocol which allows an attacker to inject and execute arbitrary codes into the system. This is an incomplete fix of CVE-2022-24066...
GHSA-9P95-FXVG-QGQ2 simple-git vulnerable to Remote Code Execution when enabling the ext transport protocol
The package simple-git before 3.15.0 is vulnerable to Remote Code Execution RCE when enabling the ext transport protocol, which makes it exploitable via clone method. This vulnerability exists due to an incomplete fix of CVE-2022-24066...
Design/Logic Flaw
The package simple-git before 3.15.0 are vulnerable to Remote Code Execution RCE when enabling the ext transport protocol, which makes it exploitable via clone method. This vulnerability exists due to an incomplete fix of CVE-2022-24066...
Remote Code Execution (RCE)
Overview GitPython is a python library used to interact with Git repositories Affected versions of this package are vulnerable to Remote Code Execution RCE due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting...
Remote Code Execution (RCE)
Overview simple-git is a light weight interface for running git commands in any node.js application. Affected versions of this package are vulnerable to Remote Code Execution RCE when enabling the ext transport protocol, which makes it exploitable via clone method. This vulnerability exists due t...