Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:38364
HistoryDec 08, 2022 - 3:15 a.m.

Remote Code Execution (RCE)

2022-12-0803:15:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
remote code execution
simple-git
clone function
vulnerability
git.js
ext transport protocol
arbitrary codes
system
incomplete fix
cve-2022-24066
software

0.014 Low

EPSS

Percentile

86.4%

simple-git is vulnerable to remote code execution.The vulnerability exists in the clone() function of git.js because of enabling the ext transport protocol which allows an attacker to inject and execute arbitrary codes into the system. This is an incomplete fix of CVE-2022-24066.

0.014 Low

EPSS

Percentile

86.4%