2 matches found
pnpm: Git Fetch Argument Injection via Lockfile resolution.commit
Summary pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- separator or commit-format validation. For git dependencies fetched through the shallow-fetch path, a malicious lockfile can replace the expected 40-character commit hash with a Git option such as...
CVE-2026-50014
Summary: CVE-2026-50014 affects pnpm prior to 10.34.0 and 11.4.0. The lockfile-controlled git resolution.commit value is passed to git fetch without a separator or commit-format validation, enabling a malicious lockfile to inject git options (notably --upload-pack) in shallow-fetch paths. This ca...