11 matches found
EUVD-2018-0401
Malware in sbrugna...
conventional-changelog-semf-config (=1.0.4) potentially affected by CVE-2018-3785 via git-dummy-commit (=1.3.0)
git-dummy-commit NPM version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on git-dummy-commit and may be impacted: - conventional-changelog-semf-config =1.0.4 Source cves: CVE-2018-3785 Source advisory: OSV:GHSA-H3C2-X77C-7PVR...
GHSA-H3C2-X77C-7PVR Command Injection in git-dummy-commit
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
Command Injection in git-dummy-commit
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
git-dummy-commit command injection vulnerability
git-dummy-commit is a code commit package. A command injection vulnerability exists in git-dummy-commit version 1.3.0, which stems from the program failing to encode the 'msg' parameter. An attacker can exploit this vulnerability to execute operating system commands...
CVE-2018-3785
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
Command injection
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
CVE-2018-3785
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
CVE-2018-3785
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...
PT-2018-16202 · Unknown · Git-Dummy-Commit
Name of the Vulnerable Software and Affected Versions: git-dummy-commit version 1.3.0 Description: A command injection issue allows OS level commands to be executed due to an unescaped parameter. Recommendations: For git-dummy-commit version 1.3.0, consider restricting the use of the vulnerable...
Node.js third-party modules: [git-dummy-commit] Command injection on the msg parameter
Hi there, I've found a Command Injection on the "git-dummy-commit" module. Module module name: git-dummy-commit version: 1.3.0 npm page: https://www.npmjs.com/package/git-dummy-commit Module Description Create a dummy commit for testing Module Stats 62 downloads in the last day 94 downloads in th...