2 matches found
Git argument injection in deployment pull steps via unsanitized commit_sha enables RCE on workers
Description Prefect's GitRepository storage class passes user-controlled commitsha values as positional arguments to git commands without a -- separator. The commitsha parameter accepts arbitrary strings with no format validation no hex check, no length check. This allows injection of git flags...
Wrangler affected by OS Command Injection in `wrangler pages deploy`
Summary A command injection vulnerability CWE-78 has been found to exist in the wrangler pages deploy command. The issue occurs because the --commit-hash parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of --commit-hash t...