Vulnerability Details CVE-2021-3028
git-big-picture before 1.0.0 mishandles ' characters in a branch name, leading to code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://github.com/git-big-picture/git-big-picture/pull/27
- https://github.com/git-big-picture/git-big-picture/pull/62
- https://github.com/git-big-picture/git-big-picture/releases/tag/v1.0.0
- https://github.com/git-big-picture/git-big-picture/pull/27
- https://github.com/git-big-picture/git-big-picture/pull/62
- https://github.com/git-big-picture/git-big-picture/releases/tag/v1.0.0
Products affected by CVE-2021-3028
-
cpe:2.3:a:git-big-picture_project:git-big-picture:0.10.0
-
cpe:2.3:a:git-big-picture_project:git-big-picture:0.10.1
-
cpe:2.3:a:git-big-picture_project:git-big-picture:0.8.0
-
cpe:2.3:a:git-big-picture_project:git-big-picture:0.9.0