Security Advisory

CVE-2019-10803

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-02-28 20:35:28

Last updated 2024-08-04 22:32:02

Assigner snyk

State PUBLISHED

Description

push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.

← Browse all CVEs View on cve.org ↗