isomorphic-git is a pure JavaScript implementation of open source git for node and browser environments (including WebWorkers and ServiceWorkers). isomorphic-git is vulnerable to path traversal prior to 1.8.2, which stems from the fact that isomorphic-git allows directory traversal via carefully crafted repositories for directory traversal. An attacker could exploit this vulnerability to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
isomorphic-git isomorphic-git | lt | 1.8.2 |