simple-git is vulnerable to Remote Code Execution (RCE). The vulnerability exists due to improper sanitization of the clone()
, pull()
, push()
and listRemote()
methods which allows an attacker to execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
simple-git | le | 3.15.1 | |
simple-git | le | 3.15.1 |