cve/CVE-2019-10803.md at 4024663e83c70ac127726b49919178f8121c5338

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 17:22:02 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.

POC

Reference

https://snyk.io/vuln/SNYK-JS-PUSHDIR-559009

Github

No PoCs found on GitHub currently.

751 B Raw Blame History

CVE-2019-10803

Description

POC

Reference

Github

751 B

Raw Blame History