Lucene search
Veracode Vulnerability DatabaseVERACODE:34681HistoryMar 14, 2022 - 2:21 p.m.
Command Injection
2022-03-1414:21:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.006 Low
EPSS
Percentile
77.8%
simple-git is vulnerable to command injection. The vulnerability exists in fetchTask function in fetch.ts due to the use of --upload-pack in git.fetch which allows an attacker to inject and execute arbitrary codes.
| CPE | Name | Operator | Version |
|---|---|---|---|
| simple-git | le | 3.2.6 | |
| simple-git | le | 3.2.6 |
Related
github
github
Command injection in simple-git
2022-03-12 00:00:33
Command injection in simple-git
2022-04-02 00:00:13
cve
cve
CVE-2022-24433
2022-03-11 17:16:06
CVE-2022-24066
2022-04-01 20:15:08
osv
osv
Command injection in simple-git
2022-03-12 00:00:33
CVE-2022-24433
2022-03-11 17:16:06
CVE-2022-24066
2022-04-01 20:15:08
cvelist
cvelist
CVE-2022-24433 Command Injection
2022-03-11 00:00:00
CVE-2022-24066 Command Injection
2022-04-01 00:00:00
nvd
nvd
CVE-2022-24433
2022-03-11 17:16:06
CVE-2022-24066
2022-04-01 20:15:08
prion
prion
Command injection
2022-03-11 17:16:00
Command injection
2022-04-01 20:15:00
veracode
veracode
Command Injection
2022-04-04 07:25:24
