Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:36286
HistoryJul 07, 2022 - 9:21 a.m.

Command Injection

2022-07-0709:21:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18

0.004 Low

EPSS

Percentile

74.0%

git-clone is vulnerable to command injection. The vulnerability exists due to the insecure usage of the --upload-pack feature of git. An attacker with the ability to control the options object provided to the clone() function through the options.args array, is able to inject arbitrary commands to run when the clone function is called.

CPENameOperatorVersion
git-clonele0.2.0
git-clonele0.2.0

0.004 Low

EPSS

Percentile

74.0%

Related for VERACODE:36286