← Back

Push Dir

push-dir

Vendor: Push Dir Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-10803
1Push Dir Project
1Push Dir
Nov 21, 2024
Feb 28, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abu...Show more
push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.Show less