Vulnerability Details CVE-2021-32673
reg-keygen-git-hash-plugin is a reg-suit plugin to detect the snapshot key to be compare with using Git commit hash. reg-keygen-git-hash-plugin through and including 0.10.15 allow remote attackers to execute of arbitrary commands. Upgrade to version 0.10.16 or later to resolve this issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 7.5
References
- https://github.com/reg-viz/reg-suit/commit/f84ad9c7a22144d6c147dc175c52756c0f444d87
- https://github.com/reg-viz/reg-suit/releases/tag/v0.10.16
- https://github.com/reg-viz/reg-suit/security/advisories/GHSA-49q3-8867-5wmp
- https://www.npmjs.com/package/reg-keygen-git-hash-plugin
- https://github.com/reg-viz/reg-suit/commit/f84ad9c7a22144d6c147dc175c52756c0f444d87
- https://github.com/reg-viz/reg-suit/releases/tag/v0.10.16
- https://github.com/reg-viz/reg-suit/security/advisories/GHSA-49q3-8867-5wmp
- https://www.npmjs.com/package/reg-keygen-git-hash-plugin
Products affected by CVE-2021-32673
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.10
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.11
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.13
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.14
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.17
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.19
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.3
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.4
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.5
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.7
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.8
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.0.9
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.1.0
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.1.2
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.1.4
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.10
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.11
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.12
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.14
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.15
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.3
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.6
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.7
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.8
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.10.9
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.2.0
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.2.6
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.3.0
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.3.1
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.4.0
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.4.2
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.5.0
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.5.1
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.5.2
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.5.3
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.5.4
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.5.5
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.5.6
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.5.8
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.5.9
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.6.0
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.6.2
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.6.3
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.7.0
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.7.1
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.7.16
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.7.23
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.7.25
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.7.5
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.7.6
-
cpe:2.3:a:reg-keygen-git-hash_project:reg-keygen-git-hash:0.8.5