4 matches found

RedhatCVE
added 2025/12/04 8:12 p.m., 3 views

CVE-2025-66219

willitmerge is a command-line tool to check if pull requests are mergeable. In versions 0.2.1 and prior, there is a command injection vulnerability in willitmerge. The vulnerability manifests in this package due to the use of the insecure child process execution API exec, to which it concatenates user...

CVSS 9.8 | AI score 7.3 | EPSS 0.02413
Exploits: 1 | References: 1
Vulnrichment
added 2025/11/29 1:34 a.m., 4 views

CVE-2025-66219 willitmerge has a command injection vulnerability

willitmerge is a command-line tool to check if pull requests are mergeable. In versions 0.2.1 and prior, there is a command injection vulnerability in willitmerge. The vulnerability manifests in this package due to the use of the insecure child process execution API exec, to which it concatenates user...

CVSS 6.9 | AI score 6.9 | EPSS 0.02413
Exploits: 1 | References: 2
Cvelist
added 2025/11/29 1:34 a.m., 11 views

CVE-2025-66219 willitmerge has a command injection vulnerability

willitmerge is a command-line tool to check if pull requests are mergeable. In versions 0.2.1 and prior, there is a command injection vulnerability in willitmerge. The vulnerability manifests in this package due to the use of the insecure child process execution API exec, to which it concatenates user...

CVSS 6.9 | EPSS 0.02413
Exploits: 1 | References: 2
OSV
added 2025/04/08 12:0 p.m., 6 views

RUSTSEC-2025-0024 crossbeam-channel: double free on Drop

The internal Channel type's Drop method has a race which could, in some circumstances, lead to a double-free. This could result in memory corruption. Quoting from the upstream description in merge request #1187: The problem lies in the fact that discard_all_messages contained two paths that could le...

CVSS 6.5 | AI score 6.9 | EPSS 0.00465
Exploits: 0 | References: 3