CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-25866

The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. When calling the isRemoteUrlReadable($url, array $refs = NULL) function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.6%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 7.5

References

Products affected by CVE-2022-25866

Git-Php Project » Git-Php » Version: 1.0.0

cpe:2.3:a:git-php_project:git-php:1.0.0
Git-Php Project » Git-Php » Version: 1.0.1

cpe:2.3:a:git-php_project:git-php:1.0.1
Git-Php Project » Git-Php » Version: 1.0.2

cpe:2.3:a:git-php_project:git-php:1.0.2
Git-Php Project » Git-Php » Version: 2.0.0

cpe:2.3:a:git-php_project:git-php:2.0.0
Git-Php Project » Git-Php » Version: 3.0.0

cpe:2.3:a:git-php_project:git-php:3.0.0
Git-Php Project » Git-Php » Version: 3.1.0

cpe:2.3:a:git-php_project:git-php:3.1.0
Git-Php Project » Git-Php » Version: 3.10.0

cpe:2.3:a:git-php_project:git-php:3.10.0
Git-Php Project » Git-Php » Version: 3.11.0

cpe:2.3:a:git-php_project:git-php:3.11.0
Git-Php Project » Git-Php » Version: 3.12.0

cpe:2.3:a:git-php_project:git-php:3.12.0
Git-Php Project » Git-Php » Version: 3.13.0

cpe:2.3:a:git-php_project:git-php:3.13.0
Git-Php Project » Git-Php » Version: 3.13.1

cpe:2.3:a:git-php_project:git-php:3.13.1
Git-Php Project » Git-Php » Version: 3.14.0

cpe:2.3:a:git-php_project:git-php:3.14.0
Git-Php Project » Git-Php » Version: 3.15.0

cpe:2.3:a:git-php_project:git-php:3.15.0
Git-Php Project » Git-Php » Version: 3.15.1

cpe:2.3:a:git-php_project:git-php:3.15.1
Git-Php Project » Git-Php » Version: 3.16.0

cpe:2.3:a:git-php_project:git-php:3.16.0
Git-Php Project » Git-Php » Version: 3.16.1

cpe:2.3:a:git-php_project:git-php:3.16.1
Git-Php Project » Git-Php » Version: 3.16.2

cpe:2.3:a:git-php_project:git-php:3.16.2
Git-Php Project » Git-Php » Version: 3.17.0

cpe:2.3:a:git-php_project:git-php:3.17.0
Git-Php Project » Git-Php » Version: 3.17.1

cpe:2.3:a:git-php_project:git-php:3.17.1
Git-Php Project » Git-Php » Version: 3.18.0

cpe:2.3:a:git-php_project:git-php:3.18.0
Git-Php Project » Git-Php » Version: 3.18.1

cpe:2.3:a:git-php_project:git-php:3.18.1
Git-Php Project » Git-Php » Version: 3.18.2

cpe:2.3:a:git-php_project:git-php:3.18.2
Git-Php Project » Git-Php » Version: 3.2.0

cpe:2.3:a:git-php_project:git-php:3.2.0
Git-Php Project » Git-Php » Version: 3.3.0

cpe:2.3:a:git-php_project:git-php:3.3.0
Git-Php Project » Git-Php » Version: 3.4.0

cpe:2.3:a:git-php_project:git-php:3.4.0
Git-Php Project » Git-Php » Version: 3.5.0

cpe:2.3:a:git-php_project:git-php:3.5.0
Git-Php Project » Git-Php » Version: 3.6.0

cpe:2.3:a:git-php_project:git-php:3.6.0
Git-Php Project » Git-Php » Version: 3.7.0

cpe:2.3:a:git-php_project:git-php:3.7.0
Git-Php Project » Git-Php » Version: 3.8.0

cpe:2.3:a:git-php_project:git-php:3.8.0
Git-Php Project » Git-Php » Version: 3.9.0

cpe:2.3:a:git-php_project:git-php:3.9.0
Git-Php Project » Git-Php » Version: 3.9.1

cpe:2.3:a:git-php_project:git-php:3.9.1
Git-Php Project » Git-Php » Version: 4.0.0

cpe:2.3:a:git-php_project:git-php:4.0.0
Git-Php Project » Git-Php » Version: 4.0.1

cpe:2.3:a:git-php_project:git-php:4.0.1
Git-Php Project » Git-Php » Version: 4.0.2

cpe:2.3:a:git-php_project:git-php:4.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-25866

Products

Pricing

Contact Us