The package ungit before 1.5.20 are vulnerable to Remote Code Execution (RCE) via argument injection. The issue occurs when calling the /api/fetch endpoint. User controlled values (remote and ref) are passed to the git fetch command. By injecting some git options it was possible to get arbitrary command execution.
References
Link | Resource |
---|---|
https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 | Broken Link Release Notes Third Party Advisory |
https://github.com/FredrikNoren/ungit/pull/1510 | Exploit Patch Third Party Advisory |
https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 | Release Notes Third Party Advisory |
https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 | Broken Link Release Notes Third Party Advisory |
https://github.com/FredrikNoren/ungit/pull/1510 | Exploit Patch Third Party Advisory |
https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 | Release Notes Third Party Advisory |
Configurations
History
21 Nov 2024, 06:52
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 - Broken Link, Release Notes, Third Party Advisory | |
References | () https://github.com/FredrikNoren/ungit/pull/1510 - Exploit, Patch, Third Party Advisory | |
References | () https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 - Release Notes, Third Party Advisory |
08 Aug 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-88 |
28 Mar 2022, 17:45
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
CWE | CWE-77 | |
CPE | cpe:2.3:a:ungit_project:ungit:*:*:*:*:*:node.js:*:* | |
References | (MISC) https://github.com/FredrikNoren/ungit/pull/1510 - Exploit, Patch, Third Party Advisory | |
References | (MISC) https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 - Release Notes, Third Party Advisory | |
References | (MISC) https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 - Broken Link, Release Notes, Third Party Advisory |
21 Mar 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-21 18:15
Updated : 2024-11-21 06:52
NVD link : CVE-2022-25766
Mitre link : CVE-2022-25766
CVE.ORG link : CVE-2022-25766
JSON object : View
Products Affected
ungit_project
- ungit
CWE
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')