Vulnerability Details CVE-2022-25900
All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.5%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 10.0
References
Products affected by CVE-2022-25900
-
cpe:2.3:a:git-clone_project:git-clone:-
-
cpe:2.3:a:git-clone_project:git-clone:0.0.1
-
cpe:2.3:a:git-clone_project:git-clone:0.0.2
-
cpe:2.3:a:git-clone_project:git-clone:0.0.3
-
cpe:2.3:a:git-clone_project:git-clone:0.0.4
-
cpe:2.3:a:git-clone_project:git-clone:0.1.0