The package... CVE-2022-21235

6.8 AV AC AU C I A
发布: 2022-04-01
修订: 2024-11-21

The package github.com/masterminds/vcs before 1.13.3 are vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息