GHSA-w69q-w4h4-2fx8: Reverb use after free vulnerability

GHSA-vvf8-2h68-9475: Keycloak Open Redirect vulnerability

GHSA-4xx7-2cx3-x473: Keycloak SAML signature validation flaw

GHSA-84jw-g43v-8gjm: DOM Clobbering Gadget found in Rspack's AutoPublicPathRuntimeModule that leads to XSS

GHSA-jj94-6f5c-65r8: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation

All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git.

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2022-25900

**Command injection in git-clone**

High severity GitHub Reviewed Published Jul 2, 2022 • Updated Jul 6, 2022

We are still processing this advisory. You may have affected repositories that are not yet on this list. Check back soon for more.

**Package**

npm git-clone (npm)

**Affected versions**

<= 0.2.0

**Description**

Headline

GHSA-8jmw-wjr8-2x66: Command injection in git-clone

Related news

ghsa: Latest News