Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2026/05/26 8:13 p.m.13 views

CVE-2026-3515

A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...

8.5CVSS7.9AI score0.00298EPSS
Exploits0References1
osv
osv
added 2026/05/26 1:30 p.m.4 views

GHSA-CW25-2P92-7F75 Prefect has an Argument Injection issue

A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...

8.5CVSS8AI score0.00298EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/24 3:32 a.m.22 views

CVE-2026-3515 Argument Injection in prefecthq/prefect

A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...

8.5CVSS0.00298EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/24 3:32 a.m.10 views

CVE-2026-3515 Argument Injection in prefecthq/prefect

A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...

8.5CVSS7.9AI score0.00298EPSS
Exploits0References1
euvd
euvd
added 2026/05/24 3:32 a.m.16 views

EUVD-2026-31563

A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...

8.5CVSS7.9AI score0.00298EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/24 3:32 a.m.11 views

CVE-2026-3515

A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...

8.5CVSS7.9AI score0.00298EPSS
Exploits0References2
cve
cve
added 2026/05/24 3:32 a.m.29 views

CVE-2026-3515

CVE-2026-3515 affects Prefect 3.6.18, specifically the GitHubRepository block of the prefect-github integration. The vulnerability lies in how the reference field is concatenated into a git clone command and then parsed with shlex.split(), allowing an attacker to inject arbitrary git options (e.g...

8.5CVSS7.9AI score0.00298EPSS
Exploits0References1
Rows per page
Query Builder