Sha256: ed0c755eff21aa9d0395e1dfaffea498e976126ea378b44125656323bcbc9ea3

Contents?: true

Size: 467 Bytes

Versions: 5

Compression:

Stored size: 467 Bytes

Contents

---
gem: git-fastclone
cve: 2015-8969
url: https://hackerone.com/reports/105190
title: git-fastclone Shell Metacharacter Injection Arbitrary Command Execution
date: 2015-12-15
description: |
  git-fastclone before 1.0.5 passes user modifiable strings directly to a shell
  command. An attacker can execute malicious commands by modifying the strings
  that are passed as arguments to "cd " and "git clone " commands in the
  library.
patched_versions:
  - ">= 1.0.5"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/git-fastclone/CVE-2015-8969.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/git-fastclone/CVE-2015-8969.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/git-fastclone/CVE-2015-8969.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/git-fastclone/CVE-2015-8969.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/git-fastclone/CVE-2015-8969.yml