Vulnerabilities > Argument Injection or Modification
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-01 | CVE-2022-24066 | Argument Injection or Modification vulnerability in Simple-Git Project Simple-Git The package simple-git before 3.5.0 are vulnerable to Command Injection due to an incomplete fix of [CVE-2022-24433](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2421199) which only patches against the git fetch attack vector. | 9.8 |
| 2022-04-01 | CVE-2022-21223 | Argument Injection or Modification vulnerability in Cocoapods Cocoapods-Downloader The package cocoapods-downloader before 1.6.2 are vulnerable to Command Injection via hg argument injection. | 9.8 |
| 2022-04-01 | CVE-2022-24440 | Argument Injection or Modification vulnerability in Cocoapods Cocoapods-Downloader The package cocoapods-downloader before 1.6.0, from 1.6.2 and before 1.6.3 are vulnerable to Command Injection via git argument injection. | 9.8 |
| 2022-04-01 | CVE-2022-21235 | Argument Injection or Modification vulnerability in VCS Project VCS The package github.com/masterminds/vcs before 1.13.3 are vulnerable to Command Injection via argument injection. | 9.8 |
| 2022-03-23 | CVE-2021-43736 | Argument Injection or Modification vulnerability in Cmswing 1.3.7 CmsWing CMS 1.3.7 is affected by a Remote Code Execution (RCE) vulnerability via parameter: log rule | 9.8 |
| 2022-03-21 | CVE-2022-25766 | Argument Injection or Modification vulnerability in Ungit Project Ungit The package ungit before 1.5.20 are vulnerable to Remote Code Execution (RCE) via argument injection. | 8.8 |
| 2022-03-14 | CVE-2022-21187 | Argument Injection or Modification vulnerability in Libvcs Project Libvcs The package libvcs before 0.11.1 are vulnerable to Command Injection via argument injection. | 9.8 |
| 2022-03-11 | CVE-2022-24433 | Argument Injection or Modification vulnerability in Simple-Git Project Simple-Git The package simple-git before 3.3.0 are vulnerable to Command Injection via argument injection. | 9.8 |
| 2022-03-04 | CVE-2022-23915 | Argument Injection or Modification vulnerability in Weblate The package weblate from 0 and before 4.11.1 are vulnerable to Remote Code Execution (RCE) via argument injection when using git or mercurial repositories. | 8.8 |
| 2022-02-17 | CVE-2022-24953 | Argument Injection or Modification vulnerability in Pear Crypt GPG The Crypt_GPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions. | 5.3 |