Описание
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository.
A flaw was found in isomorphic-git. An attacker could cause a Directory Traversal via a crafted filepath in a repository being cloned.
Отчет
In Red Hat Virtualization, isomorphic-git is a build time dependency and is not delivered with the product. Therefore impact has been rated Low.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-22
https://bugzilla.redhat.com/show_bug.cgi?id=1988539isomorphic-git: Directory traversal via a crafted repository
EPSS
Процентиль: 53%
0.00306
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.3
nvd
больше 4 лет назад
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository.
EPSS
Процентиль: 53%
0.00306
Низкий
5.3 Medium
CVSS3