CVE-2022-25766

The package ungit before 1.5.20 are vulnerable to Remote Code Execution (RCE) via argument injection. The issue occurs when calling the /api/fetch endpoint. User controlled values (remote and ref) are passed to the git fetch command. By injecting some git options it was possible to get arbitrary command execution.
References
Link Resource
https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 Broken Link Release Notes Third Party Advisory
https://github.com/FredrikNoren/ungit/pull/1510 Exploit Patch Third Party Advisory
https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 Release Notes Third Party Advisory
https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 Broken Link Release Notes Third Party Advisory
https://github.com/FredrikNoren/ungit/pull/1510 Exploit Patch Third Party Advisory
https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 Release Notes Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ungit_project:ungit:*:*:*:*:*:node.js:*:*

History

21 Nov 2024, 06:52

Type Values Removed Values Added
References () https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 - Broken Link, Release Notes, Third Party Advisory () https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 - Broken Link, Release Notes, Third Party Advisory
References () https://github.com/FredrikNoren/ungit/pull/1510 - Exploit, Patch, Third Party Advisory () https://github.com/FredrikNoren/ungit/pull/1510 - Exploit, Patch, Third Party Advisory
References () https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 - Release Notes, Third Party Advisory () https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 - Release Notes, Third Party Advisory

08 Aug 2023, 14:21

Type Values Removed Values Added
CWE CWE-77 CWE-88

28 Mar 2022, 17:45

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 6.5
v3 : 8.8
CWE CWE-77
CPE cpe:2.3:a:ungit_project:ungit:*:*:*:*:*:node.js:*:*
References (MISC) https://github.com/FredrikNoren/ungit/pull/1510 - (MISC) https://github.com/FredrikNoren/ungit/pull/1510 - Exploit, Patch, Third Party Advisory
References (MISC) https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 - (MISC) https://snyk.io/vuln/SNYK-JS-UNGIT-2414099 - Release Notes, Third Party Advisory
References (MISC) https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 - (MISC) https://github.com/FredrikNoren/ungit/blob/master/CHANGELOG.md%231520 - Broken Link, Release Notes, Third Party Advisory

21 Mar 2022, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-03-21 18:15

Updated : 2024-11-21 06:52


NVD link : CVE-2022-25766

Mitre link : CVE-2022-25766

CVE.ORG link : CVE-2022-25766


JSON object : View

Products Affected

ungit_project

  • ungit
CWE
CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')