0.002 Low
EPSS
Percentile
60.7%
mversion is vulnerable to OS Command Injection. The vulnerability exists as the values in the functions isRepositoryClean, and commit, that leads to cp.exec are not sanitized.
isRepositoryClean
commit
cp.exec
github.com/advisories/GHSA-qjg4-w4c6-f6c6
github.com/mikaelbr/mversion/commit/6c76c9efd27c7ff5a5c6f187e8b7a435c4722338
github.com/mikaelbr/mversion/security/advisories/GHSA-qjg4-w4c6-f6c6
securitylab.github.com/advisories/GHSL-2020-110-rce-mversion