Описание
webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack.
Ссылки
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
EPSS
7.5 High
CVSS3
5.1 Medium
CVSS2
Дефекты
Связанные уязвимости
webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack.
webcheckout in myrepos through 1.20171231 does not sanitize URLs that ...
webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack.
EPSS
7.5 High
CVSS3
5.1 Medium
CVSS2