Description
giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull()" is executed by the package without any validation.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2021-0763 | giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull()" is executed by the package without any validation. |
Github GHSA |
GHSA-53xj-v576-3ch2 | OS Command Injection in giting |
References
History
No history.
Status: PUBLISHED
Assigner: snyk
Published:
Updated: 2024-08-04T22:32:01.688Z
Reserved: 2019-04-03T00:00:00.000Z
Link: CVE-2019-10802
No data.
Status : Modified
Published: 2020-02-28T21:15:12.947
Modified: 2026-06-17T02:11:42.103
Link: CVE-2019-10802
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
EUVD
Github GHSA