Vulnerabilities > Simple GIT Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-26	CVE-2022-25860	Unspecified vulnerability in Simple-Git Project Simple-Git Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization. This vulnerability exists due to an incomplete fix of [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221). network low complexity simple-git-project critical	9.8
2022-12-06	CVE-2022-25912	OS Command Injection vulnerability in Simple-Git Project Simple-Git The package simple-git before 3.15.0 are vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via clone() method. network low complexity simple-git-project CWE-78 critical	9.8
2022-04-01	CVE-2022-24066	Argument Injection or Modification vulnerability in Simple-Git Project Simple-Git The package simple-git before 3.5.0 are vulnerable to Command Injection due to an incomplete fix of [CVE-2022-24433](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2421199) which only patches against the git fetch attack vector. network low complexity simple-git-project CWE-88 critical	9.8
2022-03-11	CVE-2022-24433	Argument Injection or Modification vulnerability in Simple-Git Project Simple-Git The package simple-git before 3.3.0 are vulnerable to Command Injection via argument injection. network low complexity simple-git-project CWE-88 critical	9.8

Vulnerabilities > Simple GIT Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Simple GIT Project"}]}