Security Advisory

CVE-2021-44684

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-06 23:37:38

Last updated 2024-08-04 04:25:16

Assigner mitre

State PUBLISHED

Description

naholyr github-todos 3.1.0 is vulnerable to command injection. The range argument for the _hook subcommand is concatenated without any validation, and is directly used by the exec function.

← Browse all CVEs View on cve.org ↗