GHSA-27wf-5967-98gx:  Kubernetes kubelet arbitrary command execution

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git.

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2022-25900

**Command injection in git-clone**

High severity GitHub Reviewed Published Jul 2, 2022 • Updated Jul 6, 2022

We are still processing this advisory. You may have affected repositories that are not yet on this list. Check back soon for more.

**Package**

npm git-clone (npm)

**Affected versions**

<= 0.2.0

**Description**

Headline

GHSA-8jmw-wjr8-2x66: Command injection in git-clone

Related news

ghsa: Latest News