28 matches found
Uncontrolled Search Path Element
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations most often seen on Windows...
Remote Code Execution (RCE)
github.com/michaelmure/git-bug is vulnerable to remote code execution. The vulnerability exists due to an uncontrolled search path element. An attacker may craft a malicious git.bat command, commit it and push it in a repository and it will be executed when it is searched...
CVE-2021-28955
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations most often seen on Windows...
CVE-2021-28955
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations most often seen on Windows...
Code injection
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations most often seen on Windows...
CVE-2021-28955
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations most often seen on Windows...
CVE-2021-28955
The CVE-2021-28955 issue affects git-bug prior to version 0.7.2, which suffers from an Uncontrolled Search Path Element. In certain PATH configurations (notably on Windows), the process may execute git.bat from the current directory, enabling potential arbitrary code execution. Public advisories ...
Michael Muré git-bug 代码问题漏洞
Michael Muré git-bug is Michael Muré an open source application . It provides a bug tracker. A security vulnerability exists in git-bug before 0.7.2, which stems from an uncontrolled search path element...