CVEs-PoC/2022/CVE-2022-21235.md at efebdd4f2d72a3494ec92163e9e88e00a3646b8a

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-06-01 02:41:46 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The package github.com/masterminds/vcs before 1.13.3 are vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection.

POC

Reference

https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMMASTERMINDSVCS-2437078

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/dellalibera/dellalibera

869 B Raw Blame History

CVE-2022-21235

Description

POC

Reference

Github

869 B

Raw Blame History