Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-01 | CVE-2022-24437 | Argument Injection or Modification vulnerability in Git-Pull-Or-Clone Project Git-Pull-Or-Clone The package git-pull-or-clone before 2.0.2 are vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone. | 9.8 |
| 2022-04-25 | CVE-2022-25866 | Argument Injection or Modification vulnerability in Git-PHP Project Git-PHP The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. | 9.8 |
| 2022-04-19 | CVE-2022-25648 | Argument Injection or Modification vulnerability in multiple products The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. | 9.8 |
| 2022-04-13 | CVE-2022-24828 | Argument Injection or Modification vulnerability in multiple products Composer is a dependency manager for the PHP programming language. | 8.8 |
| 2022-04-01 | CVE-2022-24066 | Argument Injection or Modification vulnerability in Simple-Git Project Simple-Git The package simple-git before 3.5.0 are vulnerable to Command Injection due to an incomplete fix of [CVE-2022-24433](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2421199) which only patches against the git fetch attack vector. | 9.8 |
| 2022-04-01 | CVE-2022-21223 | Argument Injection or Modification vulnerability in Cocoapods Cocoapods-Downloader The package cocoapods-downloader before 1.6.2 are vulnerable to Command Injection via hg argument injection. | 9.8 |
| 2022-04-01 | CVE-2022-24440 | Argument Injection or Modification vulnerability in Cocoapods Cocoapods-Downloader The package cocoapods-downloader before 1.6.0, from 1.6.2 and before 1.6.3 are vulnerable to Command Injection via git argument injection. | 9.8 |
| 2022-04-01 | CVE-2022-21235 | Argument Injection or Modification vulnerability in VCS Project VCS The package github.com/masterminds/vcs before 1.13.3 are vulnerable to Command Injection via argument injection. | 9.8 |
| 2022-03-23 | CVE-2021-43736 | Argument Injection or Modification vulnerability in Cmswing 1.3.7 CmsWing CMS 1.3.7 is affected by a Remote Code Execution (RCE) vulnerability via parameter: log rule | 9.8 |
| 2022-03-21 | CVE-2022-25766 | Argument Injection or Modification vulnerability in Ungit Project Ungit The package ungit before 1.5.20 are vulnerable to Remote Code Execution (RCE) via argument injection. | 8.8 |