git-pull-or-clone is vulnerable to command injection. A remote attacker is able to inject malicious command-line arguments to be executed on the OS through the gitClone
function via the --upload-pack
feature of git.
CPE | Name | Operator | Version |
---|---|---|---|
git-pull-or-clone | le | 2.0.1 | |
git-pull-or-clone | le | 2.0.1 |