Yarkeev Denis

1 exploit Active since Apr 2022
CVE-2022-1440 WRITEUP CRITICAL WRITEUP
git-interface < 2.1.2 - OS Command Injection via --upload-pack Argument
Command Injection vulnerability in [email protected] in GitHub repository yarkeev/git-interface prior to 2.1.2. If both are provided by user input, then the use of a `--upload-pack` command-line argument feature of git is also supported for `git clone`, which would then allow for any operating system command to be spawned by the attacker.
CVSS 9.8