CVE-2022-21235 in vcsinformazioni

Riassunto

di MITRE • 01/04/2022

The package github.com/masterminds/vcs before 1.13.3 are vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsabile

Snyk

Prenotare

24/02/2022

Divulgazione

01/04/2022

Moderazione

accettato

CPE

pronto

EPSS

0.01818

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!